Understanding Internet infrastructure and securing enterprise networks
The success of the Internet has brought extraordinary benefits to our society. The current Internet infrastructure has become much more complicated than it was in the early 1990s, when it was first deployed for commercial use. Because of limitations in the initial design of the Internet, security was not well addressed, and the Internet has consequently been confronted with many security problems, such as worm attacks and vulnerabilities in its infrastructure. To address these problems, this dissertation develops strategies for securing enterprise networks and the Internet infrastructure.
The Internet consists of thousands of distinct administrative domains, each of which possesses a set of Autonomous Systems (ASes). With the rapid growth of the Internet in both scale and complexity, understanding its infrastructure is critical to ensuring its reliable and efficient operation. This motivates the first part of our work.
Connectivity between two networks does not imply reachability from one to the other: routing policies among Internet Service Providers (ISPs), which are determined by the commercial relationships between them, also play an important role. Although such information is valuable for Internet research, not all ISPs are willing to publish it, so AS relationships must be inferred from other public resources in order to understand network reachability. The first part of our work evaluates existing algorithms for inferring AS relationships and proposes an improved algorithm that achieves better accuracy in the inferred relationships.
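To make the inference problem concrete, the following added example (not code from the dissertation) implements the classic degree-based heuristic in the style of Gao's algorithm: in each observed AS path the highest-degree AS is taken as the top provider, links before it are read as customer-to-provider and links after it as provider-to-customer, and the top provider's higher-degree neighbour becomes a peering candidate. The AS paths, the private-range AS numbers and the degree-ratio limit are constructed for illustration. A valley-free checker is included to show why connectivity alone does not imply reachability: a path that would force a customer to carry transit between two of its providers is rejected even though every link in it exists.

```python
from collections import defaultdict

# Constructed AS paths, as if collected from public BGP route collectors.
# The AS numbers are from the private range and carry no real-world meaning.
PATHS = [
    [65001, 65010, 65100, 65020, 65002],
    [65003, 65010, 65100, 65200, 65030, 65004],
    [65005, 65030, 65200, 65100, 65006],
    [65007, 65200, 65030, 65004],
    [65002, 65020, 65100, 65010, 65001],
    [65002, 65020, 65200, 65030, 65004],
]


def edges(path):
    return list(zip(path, path[1:]))


def infer_relationships(paths, ratio_limit=60.0):
    """Degree-based AS relationship inference (Gao-style heuristic, assumed here)."""
    neighbours = defaultdict(set)
    for p in paths:
        for u, v in edges(p):
            neighbours[u].add(v)
            neighbours[v].add(u)
    degree = {asn: len(n) for asn, n in neighbours.items()}

    transit = defaultdict(int)   # transit[(p, c)]: times p was seen providing transit to c
    not_peering = set()          # links that appeared away from the top of a path
    for p in paths:
        j = max(range(len(p)), key=lambda i: degree[p[i]])   # top provider index
        for i, (u, v) in enumerate(edges(p)):
            if i < j:
                transit[(v, u)] += 1   # uphill part of the path
            else:
                transit[(u, v)] += 1   # downhill part of the path
        # The link between the top provider and its higher-degree neighbour
        # is the only peering candidate on this path.
        if j == 0:
            k = 0
        elif j == len(p) - 1:
            k = j - 1
        else:
            k = j - 1 if degree[p[j - 1]] > degree[p[j + 1]] else j
        for i, (u, v) in enumerate(edges(p)):
            if i != k:
                not_peering.add(frozenset((u, v)))

    rel = {}
    for u in neighbours:
        for v in neighbours[u]:
            if u > v:
                continue   # visit each undirected link once, keyed (smaller, larger)
            ratio = max(degree[u], degree[v]) / min(degree[u], degree[v])
            if frozenset((u, v)) not in not_peering and ratio <= ratio_limit:
                rel[(u, v)] = "peer-to-peer"
            elif transit[(u, v)] and transit[(v, u)]:
                rel[(u, v)] = "sibling-to-sibling"
            elif transit[(u, v)]:
                rel[(u, v)] = "provider-to-customer"
            else:
                rel[(u, v)] = "customer-to-provider"
    return rel


FLIP = {"provider-to-customer": "customer-to-provider",
        "customer-to-provider": "provider-to-customer",
        "peer-to-peer": "peer-to-peer",
        "sibling-to-sibling": "sibling-to-sibling"}


def is_valley_free(path, rel):
    """True if the path goes uphill (c2p*), crosses at most one peer link, then downhill (p2c*)."""
    stage = 0   # 0: climbing, 1: crossed a peer link, 2: descending
    for u, v in edges(path):
        r = rel[(u, v)] if (u, v) in rel else FLIP[rel[(v, u)]]
        if r == "sibling-to-sibling":
            continue
        if r == "customer-to-provider":
            if stage > 0:
                return False
        elif r == "peer-to-peer":
            if stage > 0:
                return False
            stage = 1
        else:
            stage = 2
    return True


if __name__ == "__main__":
    rel = infer_relationships(PATHS)
    for link, kind in sorted(rel.items()):
        print(link, kind)
    print(is_valley_free([65001, 65010, 65100, 65200, 65030, 65004], rel))
    print(is_valley_free([65001, 65010, 65100, 65020, 65200, 65007], rel))
```

On this constructed data the 65100-65200 link is seen in both transit directions, which the transit counts alone would call a sibling link; the peering rule overrides that because the link only ever appears at the top of a path between two ASes of equal degree. That sensitivity to which paths happen to be observed is exactly why accuracy of the inference matters.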
Maintaining network reachability is far from enough for enterprise networks, since malicious attacks may deplete network resources and degrade network performance. The second part of our work develops strategies for securing enterprise networks against worm attacks. We propose an algorithm for worm detection and quarantine based on sequential hypothesis testing. Both analytical and experimental results show that our algorithm can effectively protect enterprise networks from generic worm attacks.
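The following added example (not the dissertation's algorithm) shows the sequential hypothesis testing idea as a defender would deploy it at a network boundary: each internal host's first-contact connection attempts are scored with a sequential probability ratio test between a benign hypothesis (most first contacts succeed) and a worm hypothesis (most fail), and the host is quarantined or cleared as soon as the accumulated evidence crosses a threshold derived from the tolerated false-positive and miss rates. The success probabilities, the error bounds and the connection log are constructed assumptions.

```python
import math
from collections import defaultdict

# Constructed connection-attempt log: (source host, destination, succeeded).
# 10.0.0.9 behaves like a scanning worm (first contacts mostly fail);
# 10.0.0.7 behaves like an ordinary host. These addresses are made up.
EVENTS = [
    ("10.0.0.7", "10.0.1.12", True),
    ("10.0.0.9", "10.0.2.3", False),
    ("10.0.0.7", "10.0.1.40", True),
    ("10.0.0.9", "10.0.2.4", False),
    ("10.0.0.7", "10.0.5.2", False),
    ("10.0.0.9", "10.0.2.5", False),
    ("10.0.0.7", "10.0.1.13", True),
    ("10.0.0.9", "10.0.2.6", False),
    ("10.0.0.7", "10.0.1.14", True),
    ("10.0.0.7", "10.0.1.15", True),
]


class SprtWormDetector:
    """Per-host sequential probability ratio test on first-contact outcomes."""

    def __init__(self, theta0=0.8, theta1=0.2, alpha=0.01, beta=0.01):
        # theta0: P(success | benign host), theta1: P(success | worm)
        # alpha: tolerated false-positive rate, beta: tolerated miss rate
        self.theta0, self.theta1 = theta0, theta1
        self.upper = math.log((1 - beta) / alpha)   # cross it: accept "worm"
        self.lower = math.log(beta / (1 - alpha))   # cross it: accept "benign"
        self.llr = defaultdict(float)               # log-likelihood ratio per host
        self.seen = set()                           # (src, dst) pairs already counted
        self.observations = defaultdict(int)
        self.verdict = {}

    def observe(self, src, dst, success):
        if src in self.verdict:
            return self.verdict[src]
        if (src, dst) in self.seen:
            return "pending"        # only first-contact attempts carry evidence
        self.seen.add((src, dst))
        self.observations[src] += 1
        if success:
            self.llr[src] += math.log(self.theta1 / self.theta0)
        else:
            self.llr[src] += math.log((1 - self.theta1) / (1 - self.theta0))
        if self.llr[src] >= self.upper:
            self.verdict[src] = "quarantine"
        elif self.llr[src] <= self.lower:
            self.verdict[src] = "benign"
        return self.verdict.get(src, "pending")


def run_detector(events, **kwargs):
    """Replay a log and return {host: (verdict, observations needed)}."""
    det = SprtWormDetector(**kwargs)
    for src, dst, ok in events:
        det.observe(src, dst, ok)
    return {h: (det.verdict.get(h, "pending"), det.observations[h])
            for h in det.observations}


if __name__ == "__main__":
    for host, (verdict, n) in run_detector(EVENTS).items():
        print(f"{host}: {verdict} after {n} first-contact attempts")
```

With these parameters a host is quarantined after four consecutive failed first contacts and cleared after a comparable run of successes, so the decision is reached within a handful of observations and does not depend on any worm signature, which is what makes the approach applicable to generic worms. Tightening alpha and beta raises both thresholds and buys fewer false quarantines at the cost of more observations before a decision.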
In addition to worm attacks, there are malicious attacks that exploit vulnerabilities in the Internet infrastructure itself, which may cause more severe damage by affecting networks on a large scale. We address two security issues along this line. One is persistent forwarding loops, which may be exploited to launch flooding attacks. The other is design flaws in router architecture, which may be exploited to impair the functionality of routers and routing protocols.
Regarding the vulnerability of persistent forwarding loops, we perform an extensive measurement study of the Internet to understand its scope, i.e., the number of network addresses that have experienced persistent forwarding loops and the number of addresses that will be affected indirectly by the loops. We also characterize the properties of persistent forwarding loops in terms of their length and location. Given their potential for damage, we also investigate the possible causes of persistent forwarding loops.
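The following added example (not the dissertation's measurement code) shows how a forwarding loop is recognised in traceroute-style output and how repeated probing separates a persistent loop from a transient one caused by a route change. A loop appears as a cycle of router addresses that repeats until the probe's TTL budget is exhausted; a loop counts as persistent here only if the same cycle is observed in every probing round, and its length (cycle size in hops) and location (hop distance from the vantage point at which the cycle begins) are reported. The traces use documentation-range addresses and are constructed.

```python
from collections import Counter

# Constructed traceroute hop lists for three destinations, each probed in
# three rounds some minutes apart. "*" marks an unresponsive hop.
TRACES = {
    "203.0.113.10": [   # same 2-router cycle in every round: persistent
        ["192.0.2.1", "192.0.2.5", "198.51.100.2", "198.51.100.3",
         "198.51.100.2", "198.51.100.3", "198.51.100.2", "198.51.100.3"],
    ] * 3,
    "203.0.113.20": [   # loop in the first round only: transient
        ["192.0.2.1", "192.0.2.6", "198.51.100.7", "198.51.100.8",
         "198.51.100.7", "198.51.100.8", "198.51.100.7", "198.51.100.8"],
        ["192.0.2.1", "192.0.2.6", "198.51.100.7", "198.51.100.12", "203.0.113.20"],
        ["192.0.2.1", "192.0.2.6", "198.51.100.7", "198.51.100.12", "203.0.113.20"],
    ],
    "203.0.113.30": [   # normal path that reaches the destination
        ["192.0.2.1", "192.0.2.5", "198.51.100.4", "203.0.113.30"],
    ] * 3,
}


def find_loop(hops, min_repeats=2):
    """Return (start, period) of the cycle that repeats to the end of the trace, or None."""
    n = len(hops)
    for start in range(n):
        tail = hops[start:]
        for period in range(1, len(tail) // min_repeats + 1):
            # every hop from `start` must equal the hop one period earlier,
            # and unresponsive hops never count as a cycle
            if all(tail[i] == tail[i % period] and tail[i] != "*"
                   for i in range(len(tail))):
                return start, period
    return None


def classify(rounds):
    """Classify one destination's probing rounds as persistent, transient or no loop."""
    found = []
    for hops in rounds:
        loop = find_loop(hops)
        if loop:
            start, period = loop
            found.append((frozenset(hops[start:start + period]), start, period))
        else:
            found.append(None)
    if all(found) and len({cycle for cycle, _, _ in found}) == 1:
        _, start, period = found[0]
        return {"kind": "persistent", "length": period, "location": start}
    if any(found):
        return {"kind": "transient"}
    return {"kind": "none"}


def survey(traces):
    """Count destinations by loop kind, the headline number of a measurement study."""
    return dict(Counter(classify(rounds)["kind"] for rounds in traces.values()))


if __name__ == "__main__":
    for dst, rounds in TRACES.items():
        print(dst, classify(rounds))
    print(survey(TRACES))
```

The classifier deliberately ignores runs of "*" so that a silent firewall is not mistaken for a loop, and it requires the cycle to repeat at least twice so that a single revisited address produced by load balancing does not qualify. The same per-destination verdicts, aggregated over a large address list, are what an operator needs to size the flooding exposure: every packet sent to a destination behind a persistent loop is forwarded around the cycle until its TTL expires, multiplying the traffic on those links.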
Regarding the design flaws in router architecture, we analyze the impact of control-path congestion on the behavior of the Border Gateway Protocol (BGP). Our results show that attacks exploiting this vulnerability can reset BGP sessions within 10 minutes, which may lead to global routing instability in the Internet. In addition, we discuss feasible solutions to mitigate such problems and provide practical suggestions for securing the Internet infrastructure.
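The following added example (a simplified model, not the dissertation's analysis) illustrates the mechanism by which control-path congestion resets a BGP session: BGP keepalives share the router's control-plane input queue with all other punted traffic, so when that queue is overloaded the keepalives are delayed and eventually tail-dropped, and the peer's hold timer expires. The queue capacity, processing rate, timer values and packet rates are constructed assumptions; the one-second time step and the fixed position of the keepalive within each second's arrivals are modelling simplifications. The `protect_keepalives` switch stands in for the mitigation of prioritising routing-protocol traffic ahead of other control-plane load.

```python
from collections import deque


def simulate_bgp_session(load_pps, capacity_pps=100, queue_cap=1000,
                         keepalive_interval=60, hold_time=180,
                         duration=900, keepalive_offset=0.5,
                         protect_keepalives=False):
    """Time-stepped model of a FIFO control-plane queue carrying BGP keepalives.

    load_pps: extra packets per second punted to the control plane.
    Returns when (if ever) the peer's hold timer expired and the longest
    keepalive queueing delay observed. All values are assumptions.
    """
    queue = deque()          # entries: None for other control traffic, int send time for keepalives
    last_keepalive_rx = 0    # session assumed established at t = 0
    max_delay = 0
    for t in range(duration):
        lead = int(load_pps * keepalive_offset)
        arrivals = [None] * lead
        if t % keepalive_interval == 0:
            arrivals.append(t)
        arrivals += [None] * (load_pps - lead)
        for pkt in arrivals:
            if pkt is not None and protect_keepalives:
                queue.appendleft(pkt)         # prioritised: bypasses the backlog
            elif len(queue) < queue_cap:
                queue.append(pkt)
            # else: tail-dropped
        for _ in range(min(len(queue), capacity_pps)):
            pkt = queue.popleft()
            if pkt is not None:
                last_keepalive_rx = t
                max_delay = max(max_delay, t - pkt)
        if t - last_keepalive_rx > hold_time:
            return {"reset_at": t, "max_keepalive_delay": max_delay}
    return {"reset_at": None, "max_keepalive_delay": max_delay}


if __name__ == "__main__":
    for pps in (0, 120, 200):
        print(pps, "pps:", simulate_bgp_session(pps))
    print("200 pps, keepalives prioritised:", simulate_bgp_session(200, protect_keepalives=True))
```

The model shows a threshold effect worth noting when reading timing claims: at 120 pps the queue is saturated but every keepalive still squeezes in and is merely delayed, while at 200 pps the queue is already full when each keepalive arrives, every keepalive is dropped, and the session falls exactly one hold time after the last one that got through. With keepalives prioritised the same overload causes no reset at all, which is why control-plane policing and per-protocol queueing are the practical mitigations.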
The major contributions of this dissertation are the analysis of potential vulnerabilities in the Internet infrastructure and the development of worm detection and quarantine algorithms to secure enterprise networks. We assess the vulnerability of the Internet infrastructure through both analytical and experimental studies, and show that misconfigurations and design flaws in routers may cause serious security problems in the Internet.